Unrated severityNVD Advisory· Published Nov 14, 2018· Updated Aug 5, 2024

CVE-2018-8256

Description

A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1.

Affected products

Microsoft/PowerShell Corellm-fuzzy
Microsoft/Powershellllm-fuzzy2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: 6.0
Microsoft/Microsoft.PowerShell.Archivev5
Range: 1.2.2.0
Microsoft/Windows 10cpe-rescue
Range: 32-bit Systems
Microsoft/Windows Servercpe-rescue
Range: version 1709 (Server Core Installation)
Microsoft/Windows 7cpe-rescue
Range: 32-bit Systems Service Pack 1
Microsoft/Windows 8.1cpe-rescue
Range: 32-bit systems
Microsoft/Windows Rt 8.1cpe-rescue
Range: Windows RT 8.1
Microsoft/Windows Server 2008cpe-rescue
Range: Itanium-Based Systems Service Pack 1
Microsoft/Windows Server 2012cpe-rescue2 versions
(Server Core installation)+ 1 more
- (no CPE)range: (Server Core installation)
- (no CPE)range: (Server Core installation)
Microsoft/Windows Server 2016cpe-rescue
Range: (Server Core installation)
Microsoft/Windows Server 2019cpe-rescue
Range: (Server Core installation)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/105781mitrevdb-entryx_refsource_BID
www.securitytracker.com/id/1042108mitrevdb-entryx_refsource_SECTRACK
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8256mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.025
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000